apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    component: etcd
    tier: control-plane
  name: etcd
  namespace: kube-system
spec:
  containers:
  - command:
    - etcd
    - --name=etcd-{{ inventory_hostname }}
    - --advertise-client-urls=https://{{ CURRENT_HOST_IP }}:2379
    - --trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
    - --cert-file=/etc/kubernetes/pki/etcd/server.crt
    - --key-file=/etc/kubernetes/pki/etcd/server.key
    - --peer-trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
    - --peer-cert-file=/etc/kubernetes/pki/etcd/peer.crt
    - --peer-key-file=/etc/kubernetes/pki/etcd/peer.key
    - --peer-client-cert-auth=true
    - --listen-peer-urls=https://{{ CURRENT_HOST_IP }}:2380
    - --listen-client-urls=https://127.0.0.1:2379,https://{{ CURRENT_HOST_IP }}:2379
    - --initial-cluster-state={{ CLUSTER_STATE }}
    - --initial-advertise-peer-urls=https://{{ CURRENT_HOST_IP }}:2380
    - --initial-cluster={{ INITIAL_CLUSTER }}
    - --initial-cluster-token=etcd-cluster-token
    - --client-cert-auth=true
    - --snapshot-count=10000
    - --data-dir={{ etcd_data_dir }}
    # 推荐一小时压缩一次数据这样可以极大的保证集群稳定
    - --auto-compaction-retention=1
    # Etcd Raft消息最大字节数，这里设置16M，官方推荐是10M
    - --max-request-bytes=16777216
    # ETCD db数据大小，默认是2G，官方推荐是8G
    - --quota-backend-bytes=8589934592
    image: {{ etcd_image }}
    imagePullPolicy: IfNotPresent
    livenessProbe:
      exec:
        command:
        - /bin/sh
        - -ec
        - ETCDCTL_API=3 etcdctl --endpoints=https://[127.0.0.1]:2379 --cacert=/etc/kubernetes/pki/etcd/ca.crt
          --cert=/etc/kubernetes/pki/etcd/healthcheck-client.crt --key=/etc/kubernetes/pki/etcd/healthcheck-client.key
          get foo
      failureThreshold: 8
      initialDelaySeconds: 15
      timeoutSeconds: 15
    name: etcd
    resources: {}
    volumeMounts:
    - mountPath: /var/lib/etcd
      name: etcd-data
    - mountPath: /etc/kubernetes/pki/etcd
      name: etcd-certs
  hostNetwork: true
  priorityClassName: system-cluster-critical
  volumes:
  - hostPath:
      path: {{ etcd_data_dir }}
      type: DirectoryOrCreate
    name: etcd-data
  - hostPath:
      path: /etc/kubernetes/pki/etcd
      type: DirectoryOrCreate
    name: etcd-certs
status: {}